package com.zenith.user.controller;

import com.zenith.common.annotation.request.SecureGetMapping;
import com.zenith.common.annotation.request.SecurePostMapping;
import com.zenith.common.result.Result;
import com.zenith.common.result.PageResult;
import com.zenith.user.po.domain.Permission;
import com.zenith.user.po.dto.PermissionDTO;
import com.zenith.user.service.PermissionService;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;

import java.util.List;

/**
 * 权限管理
 *
 * @author makejava
 * @since 2025-08-15
 */
@Slf4j
@RestController
@RequestMapping("/api/user/permission")
@Tag(name = "权限管理")
public class PermissionController {

    @Autowired
    private PermissionService permissionService;

    @SecurePostMapping(value = "/addOrUpdatePermission", roles = {"ADMIN"}, permission = "role:write")
    @Operation(summary = "添加或修改权限")
    public Result<Void> saveOrUpdate(@RequestBody Permission entity) {
        log.info("添加或修改权限: {}", entity);
        permissionService.saveOrUpdate(entity);
        return Result.success();
    }

    @SecurePostMapping(value = "/deletePermissions", roles = {"ADMIN"}, permission = "role:delete")
    @Operation(summary = "批量删除权限")
    public Result<Void> deletePermissions(@RequestBody List<String> ids) {
        log.info("批量删除权限: {}", ids);
        permissionService.removeByIds(ids);
        return Result.success();
    }

    @SecurePostMapping(value = "/getPermissionById", roles = {"ADMIN", "USER"}, permission = "role:read")
    @Operation(summary = "根据ID查询权限")
    public Result<Permission> getPermissionById(@RequestParam String id) {
        log.info("根据ID查询权限: {}", id);
        return Result.success(permissionService.getById(id));
    }

    @SecurePostMapping(value = "/getPermissionList", roles = {"ADMIN"}, permission = "role:read")
    @Operation(summary = "获取权限列表")
    public Result<List<Permission>> getPermissionList() {
        log.info("获取权限列表");
        return Result.success(permissionService.list());
    }

    @SecurePostMapping(value = "/getPermissionPage", roles = {"ADMIN"}, permission = "role:read")
    @Operation(summary = "分页查询权限")
    public Result<PageResult<Permission>> getPermissionPage(PermissionDTO query) {
        log.info("分页查询权限: {}", query);
        return Result.success(permissionService.getPermissionPage(query));
    }

    @SecureGetMapping(value = "/check", roles = {"ADMIN"}, permission = "role:read")
    @Operation(summary = "判断用户的角色是否拥有此权限")
    public Result<Boolean> getPermissionIds(@RequestParam Long userId, @RequestParam String requiredPermission) {
        log.info("根据用户ID获取权限ID列表: {},{}", userId, requiredPermission);
        return Result.success(permissionService.getPermissionIds(userId, requiredPermission));
    }

    @SecurePostMapping(value = "/selectPermissionsByRole",roles = {"ADMIN"}, permission = "role:read")
    @Operation(summary = "根据角色获取权限列表")
    public Result<List<Permission>> selectPermissionsByRole(@RequestParam("role") String role) {
        log.info("根据角色获取权限列表: {}", role);
        List<Permission> permissions = permissionService.selectPermissionsByRole(role);
        return Result.success(permissions);
    }
}